Abstract
National mechanisms of critical information infrastructure (CII) protection differ depending on the information assets, authorities’ powers, methods of regulation, etc. Singapore implements the state-driven approach for CII protection that is balanced and calibrated in order to harmonize the efficient powers of authorities with the burdens imposed on IT industry parties. Singapore’s Cybersecurity Act 2018 (CSA) establishes a solid and precise framework for the CII protection specifying three core aspects: constant cooperation of public authorities and private sector in envisaging a CII system; broad authorities for prevention, management and response to cybersecurity threats and incidents in Singapore, and compulsory licensing of cybersecurity services. It emphasizes compliance with promulgated codes of practice and expresses designation of CII and cybersecurity threats. The distinctive feature of the act is its significant reduction of the compliance burden on cybersecurity professionals and CII owners. As for the CII protection it’s important that computer systems in the supply chain supporting the operation of a CII (i.e. data centre owners and cloud services operators) will not be designated as CIIs. Thus the CSA illustrates the narrow approach of law makers in envisaging its jurisdiction – it implies just CII owners and not any network operators. Singapore is a first jurisdiction in South-East region that has developed its cybersecurity legislation to impose requirements on certain businesses to implement protections against cybersecurity risks into their computer systems.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Buldyrev, S.V., Parshani, R., Paul, G., Stanley, H.E., Havlin, S.: Catastrophic cascade of failures in interdependent networks. Nature 464(7291), 1025–1028 (2010)
Matania, E., Yoffe, L., Goldstein, T.: Structuring the national cyber defence: in evolution towards a Central Cyber Authority. J. Cyber Policy 2(1), 16–25 (2017)
Farrand, B., Carrapico, H.: Blurring public and private: cybersecurity in the age of regulatory capitalism. In: Security Privatization: How Non-Security-Related Private Businesses Shape Security Governance, pp. 197–217. Springer International Publishing AG, Basel (2018)
Sarri, A., Moulinos, K.: Stocktaking, Analysis and Recommendations on the Protection of CIIs. European Union Agency for Network and Information Security (ENISA), Heraklion (2015)
Häyhtiö, M., Zaerens, K.: A comprehensive assessment model for critical infrastructure protection. Manag. Prod. Eng. Rev. 8(4), 42–53 (2017)
Bobro, D.: Methodological aspects of critical infrastructure protection (2018). Research Gate Homepage. https://www.researchgate.net/publication/322715607_The_National_Institute_for_Strategic_Studies_methodological_aspects_of_critical_infrastructure_protection. Accessed 21 May 2018
Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European Critical Infrastructures and the assessment of the need to improve their protection. Official J. L, 345(23), 12 (2008)
Green Paper on a European Programme for Critical Infrastructure Protection. COM 576 final (2005)
Mattioli, R., Levy-Bencheton, C.: Methodologies for the identification of critical information infrastructure assets and services: guidelines for charting electronic data communication networks. European Union Agency for Network and Information Security (ENISA), Heraklion (2014)
Wun, R., Tan, M.: Cybersecurity in Singapore and China (2018). Lexology Homepage. https://www.lexology.com/library/detail.aspx?g=cae1ecf3-8228-4f89-a30e-6587fd592da4. Accessed 21 May 2018
Singapore’s Cybersecurity Strategy. Cyber Security Agency of Singapore, Singapore (2016)
Cybersecurity Act: Cyber Security Agency of Singapore, Singapore (2018)
Singapore’s New Cybersecurity Act - A Relief and Leading the Way for Others? BakerMcKenzie Homepage. https://www.bakermckenzie.com/en/insight/publications/2018/02/singapores-new-cybersecurity-act. Accessed 21 May 2018
Hashim, H.M., Sokolova, E., Derevianko, O., Solovev, D.B.: Cooling load calculations. In: IOP Conference Series: Materials Science and Engineering, vol. 463, Part 2, Paper № 032030 (2018). https://doi.org/10.1088/1757-899X/463/3/032030
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Gorian, E. (2020). Singapore’s Cybersecurity Act 2018: A New Generation Standard for Critical Information Infrastructure Protection. In: Solovev, D. (eds) Smart Technologies and Innovations in Design for Control of Technological Processes and Objects: Economy and Production. FarEastСon 2018. Smart Innovation, Systems and Technologies, vol 138. Springer, Cham. https://doi.org/10.1007/978-3-030-15577-3_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-15577-3_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-15576-6
Online ISBN: 978-3-030-15577-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)